-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
***Exploitation Challenge***
Submissions for the CSR challenge have trickled in, one by one.
With some submissions containing a satisfactory exploit that meet
the demands for successful exploitation of csr-inject_v1.tgz ...
It appears that a random address based stack still makes it
difficult to exploit a particular application... though, brute
forcing seems to be a possible solution...
Presented here is the most viable exploit so far gathered by
CSR during this current challenge... the author "Maverick"
takes credit for this released exploit...
To help preserve file formatting, please wget the exploit from:
http://www.covertsystems.org/challenges/exp41.c
Regards,
Steven Hill aka: SolarIce
- --
---=[ Covertsystems Research ]=------------------------------//
= www.covertsystems.org -
= Exploitation Research & Development -
= Specializing in UNIX/Linux Systems -
--------------------------------------------=[ SolarIce ]=---//
--The more one reads & learns, the less the other person knows.
The information in this email is confidential and may be legally
privileged. It is intended solely for the addressee. Access to
this email by anyone else is unauthorized. If you are not the
intended recipient, any disclosure, copying, distribution or any
action taken or omitted to be taken in reliance on it is
expressly prohibited and may be unlawful.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.1 (GNU/Linux)
iD8DBQFC4kryOUBnGgmaNvcRAmFrAJ9DEiWldV0H1qAhYGZ/TTu/fb1tnQCfapWS
JPVFQn9Co5RuE//7I1KbApc=
=A5J9
-----END PGP SIGNATURE-----
Received on Jul 25 2005
Intro
